Application Security News and Articles
Australian airline Qantas says personal information stolen from systems hosting the service records of 6 million customers.
The post Qantas Data Breach Impacts Up to 6 Million Customers appeared first on SecurityWeek.
Businesses must take the threat of identity-based attacks seriously and adapt their cybersecurity practices to address this challenge.
The post How Monitoring Users’ Holistic Digital Identities Can Help Businesses Eliminate Cybercriminals’ ...
Exabeam announced a major expansion of its integrated multi-agent AI system Exabeam Nova that now equips security leaders with a real-time strategic planning engine and boardroom communication tool. The Exabeam Nova Advisor Agent is the AI ...
Scamnetic releaseed KnowScam 2.0, its flagship product for scam protection and digital identity verification. KnowScam 2.0 builds on everything users already trust — now with major upgrades, including an enhanced three-point scoring system, the ...
Cybersecurity never stands still. One week it’s AI-powered attacks, the next it’s a new data breach, regulation, or budget cut. With all that noise, it’s easy to get distracted. But at the end of the day, the goal stays the same: protect ...
In this Help Net Security interview, Alexander Clemm, Corp GRC Lead, Group CISO, and BCO at Riverty, shares how the GRC landscape for FinTechs has matured in response to tighter regulations and global growth. He discusses the impact of frameworks ...
Secretless Broker is an open-source connection broker that eliminates the need for client applications to manage secrets when accessing target services like databases, web services, SSH endpoints, or other TCP-based systems. Secretless Broker ...
The Apricorn Aegis Secure Key 3NXC is a 256-bit AES XTS hardware-encrypted flash drive with a USB-C connector. It is available in storage capacities ranging from 4GB to 512GB and holds FIPS 140-2 Level 3 validation. The device is OS-agnostic, ...
Not long ago, travelers worried about bad weather. Now, they’re worried the rental they booked doesn’t even exist. With AI-generated photos and fake reviews, scammers are creating fake listings so convincing, people are losing money before ...
The DOJ announced a far-reaching operation that aimed to knock out a substantial number of North Korean IT worker scams that have victimized more than 100 U.S. companies that unwittingly hired North Korean operatives as remote workers, who then ...
Imagine a civil engineer designing bridges without understanding structural failure.
Now imagine a computer science graduate who’s never…Continue reading on Medium »
By the end of July 2025, all Microsoft Defender for Office 365 customers should be protected from email bombing attacks by default, Microsoft has announced on Monday. What is email bombing? Email bombing (aka spam bombing) is an attack technique ...
We are pleased to feature a guest post from Jaime Halscott, Senior Technology Evangelist at IGEL. With a unique background that blends deep technical expertise, C-level experience, and a law degree, Jaime plays a key role in IGEL’s global ...
The DOJ and other U.S. agencies has charged 324 people, including medical professionals and pharmacists, in connection with a series of investigations into health care fraud, with one investigation dubbed Operation Gold Rush involving $10.6 ...
The FY 2026 House Homeland Security Appropriations Bill highlights growing focus in Congress on protecting border infrastructure from cyber threats. The directive to implement continuous monitoring and real-time threat intelligence reflects a ...
If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, CVE-2025-32463) that have been disclosed on Monday. What is Sudo? Sudo is ...
Cloudflare is now the first major internet infrastructure company to block AI crawlers by default when they try to access website content without permission or payment. Starting today, website owners can choose whether to allow AI crawlers and ...
CISA has informed organizations about critical authentication bypass and remote code execution vulnerabilities in Microsens NMP Web+.
The post Critical Microsens Product Flaws Allow Hackers to Go ‘From Zero to Hero’ appeared first on ...
The post Europe’s EUVD could shake up the vulnerability database ecosystem appeared first on Security Boulevard.
The move could reshape how LLM developers gather information — and force new deals between creators and AI companies.
The post Cloudflare Puts a Default Block on AI Web Scraping appeared first on SecurityWeek.
